CVSS: 9.8EPSS: 83%CPEs: 1EXPL: 0CVE-2021-27886 – Docker Dashboard Remote Command Execution
https://notcve.org/view.php?id=CVE-2021-27886
rakibtg Docker Dashboard before 2021-02-28 allows command injection in backend/utilities/terminal.js via shell metacharacters in the command parameter of an API request. NOTE: this is NOT a Docker, Inc. product. rakibtg Docker Dashboard antes del 28 de febrero de 2021, permite la inyección de comandos en el archivo backend/utilities/terminal.js por medio de metacaracteres de shell en el parámetro del comando de una petición de la API. NOTA: este NO es un producto de Docker, Inc Docker Dashboard suffers from a remote command execution vulnerability. The fix is added in commit 79cdc41. • http://packetstormsecurity.com/files/163416/Docker-Dashboard-Remote-Command-Execution.html https://github.com/rakibtg/docker-web-gui/commit/79cdc41809f2030fce21a1109898bd79e4190661 https://github.com/rakibtg/docker-web-gui/issues/23 https://www.docker.com/legal/trademark-guidelines • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-21284 – privilege escalation in Moby
https://notcve.org/view.php?id=CVE-2021-21284
In Docker before versions 9.03.15, 20.10.3 there is a vulnerability involving the --userns-remap option in which access to remapped root allows privilege escalation to real root. When using "--userns-remap", if the root user in the remapped namespace has access to the host filesystem they can modify files under "/var/lib/docker/<remapping>" that cause writing files with extended privileges. Versions 20.10.3 and 19.03.15 contain patches that prevent privilege escalation from remapped user. En Docker versiones anteriores a 9.03.15, 20.10.3, se presenta una vulnerabilidad que involucra la opción --userns-remap en la que un acceso a una root reasignada permite una escalada de privilegios a la root actual. Cuando se usa "--userns-remap", si el usuario root en el espacio de nombres reasignado tiene acceso al sistema de archivos del host, puede modificar archivos en "/var/lib/docker/(remapping)" que causa la escritura de archivos con privilegios extendidos. • https://docs.docker.com/engine/release-notes/#20103 https://github.com/moby/moby/commit/64bd4485b3a66a597c02c95f5776395e540b2c7c https://github.com/moby/moby/releases/tag/v19.03.15 https://github.com/moby/moby/releases/tag/v20.10.3 https://github.com/moby/moby/security/advisories/GHSA-7452-xqpj-6rpc https://security.gentoo.org/glsa/202107-23 https://security.netapp.com/advisory/ntap-20210226-0005 https://www.debian.org/security/2021/dsa-4865 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-21285 – Docker daemon crash during image pull of malicious image
https://notcve.org/view.php?id=CVE-2021-21285
In Docker before versions 9.03.15, 20.10.3 there is a vulnerability in which pulling an intentionally malformed Docker image manifest crashes the dockerd daemon. Versions 20.10.3 and 19.03.15 contain patches that prevent the daemon from crashing. En Docker versiones anteriores a 9.03.15, 20.10.3, se presenta una vulnerabilidad en la que al extraer un manifiesto de imagen de Docker malformado intencionalmente, bloquea al demonio dockerd. Las versiones 20.10.3 y 19.03.15 contienen parches que impiden al demonio bloquearse • https://docs.docker.com/engine/release-notes/#20103 https://github.com/moby/moby/commit/8d3179546e79065adefa67cc697c09d0ab137d30 https://github.com/moby/moby/releases/tag/v19.03.15 https://github.com/moby/moby/releases/tag/v20.10.3 https://github.com/moby/moby/security/advisories/GHSA-6fj5-m822-rqx8 https://security.gentoo.org/glsa/202107-23 https://security.netapp.com/advisory/ntap-20210226-0005 https://www.debian.org/security/2021/dsa-4865 • CWE-400: Uncontrolled Resource Consumption CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-3162
https://notcve.org/view.php?id=CVE-2021-3162
Docker Desktop Community before 2.5.0.0 on macOS mishandles certificate checking, leading to local privilege escalation. Docker Desktop Community versiones anteriores a 2.5.0.0 en macOS, maneja inapropiadamente una comprobación de certificados, conllevando a una escalada de privilegios local • https://docs.docker.com/docker-for-mac/release-notes/#docker-desktop-community-2500 https://twitter.com/_r3ggi • CWE-295: Improper Certificate Validation •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2020-27534
https://notcve.org/view.php?id=CVE-2020-27534
util/binfmt_misc/check.go in Builder in Docker Engine before 19.03.9 calls os.OpenFile with a potentially unsafe qemu-check temporary pathname, constructed with an empty first argument in an ioutil.TempDir call. El archivo util/binfmt_misc/check.go en Builder en Docker Engine versiones anteriores a 9.03.9, llama a os.OpenFile con un nombre de ruta temporal qemu-check potencialmente inseguro, construido con un primer argumento vacío en una llamada de ioutil.TempDir. • http://web.archive.org/web/20200530054359/https://docs.docker.com/engine/release-notes https://github.com/moby/buildkit/pull/1462 https://github.com/moby/moby/pull/40877 https://golang.org/pkg/io/ioutil/#TempDir https://golang.org/pkg/os/#TempDir • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •